On Tue, Apr 20, 2021 at 9:07 PM Bill James <bill.ja...@j2.com> wrote: > > Thank you for reply. > Notice Enroll cert was done 4/15, but still getting notices. > > > engine.log: > > 2021-04-19 20:05:59,922-07 WARN > [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] > (EE-ManagedThreadFactory-engineScheduled-Thread-58) [] EVENT_ID: > HOST_CERTIFICATION_IS_ABOUT_TO_EXPIRE(845), Host ovirt1.j2noc.com > certification is about to expire at 2021-05-12. Please renew the host's > certification. > > .. > > > > 2021-04-15 20:25:47,964-07 INFO > [org.ovirt.engine.core.bll.hostdeploy.HostEnrollCertificateCommand] (default > task-3) [6b9b252b-e78a-4f46-983c-58b4162c2818] Running command: > HostEnrollCertificateCommand internal: false. Entities affected : ID: > 23d2c0ab-5dd1-43af-9db3-2a426a539faf Type: VDSAction group > EDIT_HOST_CONFIGURATION with role type ADMIN > > 2021-04-15 20:25:48,004-07 INFO > [org.ovirt.engine.core.bll.hostdeploy.HostEnrollCertificateInternalCommand] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] Running command: > HostEnrollCertificateInternalCommand internal: true. Entities affected : ID: > 23d2c0ab-5dd1-43af-9db3-2a426a539faf Type: VDS > > 2021-04-15 20:25:48,012-07 INFO > [org.ovirt.engine.core.vdsbroker.SetVdsStatusVDSCommand] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] START, SetVdsStatusVDSCommand(HostName > = ovirt1.j2noc.com, > SetVdsStatusVDSCommandParameters:{hostId='23d2c0ab-5dd1-43af-9db3-2a426a539faf', > status='Installing', nonOperationalReason='NONE', > stopSpmFailureLogged='false', maintenanceReason='null'}), log id: 2c9a2bff > > 2021-04-15 20:25:48,021-07 INFO > [org.ovirt.engine.core.vdsbroker.SetVdsStatusVDSCommand] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] FINISH, SetVdsStatusVDSCommand, > return: , log id: 2c9a2bff > > 2021-04-15 20:25:48,037-07 INFO > [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] > (default task-3) [6b9b252b-e78a-4f46-983c-58b4162c2818] EVENT_ID: > HOST_CERTIFICATION_ENROLLMENT_STARTED(880), Enrolling certificate for host > ovirt1.j2noc.com was started (User: > bill.ja...@j2global.com@j2global.com-authz). > > 2021-04-15 20:25:48,058-07 INFO > [org.ovirt.engine.core.vdsbroker.SetVdsStatusVDSCommand] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] START, SetVdsStatusVDSCommand(HostName > = ovirt1.j2noc.com, > SetVdsStatusVDSCommandParameters:{hostId='23d2c0ab-5dd1-43af-9db3-2a426a539faf', > status='Maintenance', nonOperationalReason='NONE', > stopSpmFailureLogged='false', maintenanceReason='null'}), log id: e46428c > > 2021-04-15 20:25:48,062-07 INFO > [org.ovirt.engine.core.vdsbroker.SetVdsStatusVDSCommand] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] FINISH, > > SetVdsStatusVDSCommand, return: , log id: e46428c > > 2021-04-15 20:25:48,069-07 INFO > [org.ovirt.engine.core.common.utils.ansible.AnsibleExecutor] > (EE-ManagedThreadFactory-commandCoordinator-Thread-1) > [6b9b252b-e78a-4f46-983c-58b4162c2818] Executing Ansible command: > /usr/bin/ansible-playbook --ssh-common-args=-F > /var/lib/ovirt-engine/.ssh/config -v > --private-key=/etc/pki/ovirt-engine/keys/engine_id_rsa > --inventory=/tmp/ansible-inventory8413305606879978005 > --extra-vars=ovirt_organizationname="j2noc.com" > --extra-vars=ovirt_ca_cert="-----BEGIN CERTIFICATE----- > > MIIDrjCCApagAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwQTELMAkGA1UEBhMCVVMxEjAQBgNVBAoT > > CWoybm9jLmNvbTEeMBwGA1UEAxMVb3ZpcnQuajJub2MuY29tLjE4NjU1MB4XDTE2MDUxMjE0NDUz > > MloXDTI2MDUxMTE0NDUzMlowQTELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCWoybm9jLmNvbTEeMBwG > > A1UEAxMVb3ZpcnQuajJub2MuY29tLjE4NjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC > > AQEAvGatrRaRs2lnC/uT2caEij9cAzrYeJvnskCUY/iJoVGZuERDmU0QanvEUIIKlcjAqJsAb3Z4 > > 4h63RoXNshnvFUP7L0DR2YvfrKWnDV3AlA/rEQ8jwLedGGsvM/AxzTMaSlnlcJYSlJXeQKHEhc84 > > OTF8k+KalJditE9XWS/Z+OV9T3RcnE5QpBNJDKgg0W42WU4Y2K8r+Jwpso0Ea7YZuMck8GORnQOD > > vlQbGvj/6pOBcMyAIeVa0puTFIsGuje0dM7VUYl/DP/2T8kwJJtDM7cgaV94KSUTJbjdBLshWSPI > > Jj5LK1s7k3FGqGlPdjiXsbccZ8wUs439HwjMm7C6SQIDAQABo4GvMIGsMB0GA1UdDgQWBBRVi07z > > FIlc0PPtHF2JNIljlPnhXzBqBgNVHSMEYzBhgBRVi07zFIlc0PPtHF2JNIljlPnhX6FFpEMwQTEL > > MAkGA1UEBhMCVVMxEjAQBgNVBAoTCWoybm9jLmNvbTEeMBwGA1UEAxMVb3ZpcnQuajJub2MuY29t > > LjE4NjU1ggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUF > > AAOCAQEAna9CJ3lO1OMMGrINg9L+0DrILXFB7BYdf+x+dbyFkok+GkXWnG9SUuXIRqu5myJUJxPB > > cUOdxUvtgqp1ZHQ4noCACk7qcBDUEvkCsPiVqH0ogGuVkHzq8fl+L8VIZDH4cHYt4orhXiziPz8Y > > +LQFzP+vgB91pW2fejd2vXOrHEldQmu+IOpy28m4KeP5f1cay8+GcwESBcwnnOssotT14oPmIs2Z > > IIqdUyTEF0ILgBlEBOZBs27QhkqEI7ugyQfYosglS2PNTteOPmplapJ85fay+jElgXAIFD3gXSqd > > PDGq+9R0ELaIbpx4VloTUgejgKgO4xcx24O6H5F+GDurQg== > > -----END CERTIFICATE----- > > " --extra-vars=ovirt_san="IP:10.144.110.99" > --extra-vars=ovirt_engine_usr="/usr/share/ovirt-engine" > --extra-vars=ovirt_vds_hostname="10.144.110.99" > --extra-vars=ovirt_pki_dir="/etc/pki/ovirt-engine" > --extra-vars=ovirt_signcerttimeoutinseconds="30" > --extra-vars=ovirt_ca_key="ssh-rsa > AAAAB3NzaC1yc2EAAAADAQABAAABAQC8Zq2tFpGzaWcL+5PZxoSKP1wDOth4m+eyQJRj+ImhUZm4REOZTRBqe8RQggqVyMComwBvdnjiHrdGhc2yGe8VQ/svQNHZi9+spacNXcCUD+sRDyPAt50Yay8z8DHNMxpKWeVwlhKUld5AocSFzzg5MXyT4pqUl2K0T1dZL9n45X1PdFycTlCkE0kMqCDRbjZZThjYryv4nCmyjQRrthm4xyTwY5GdA4O+VBsa+P/qk4FwzIAh5VrSm5MUiwa6N7R0ztVRiX8M//ZPyTAkm0MztyBpX3gpJRMluN0EuyFZI8gmPksrWzuTcUaoaU92OJextxxnzBSzjf0fCMybsLpJ" > --extra-vars=ovirt_vdscertificatevalidityinyears="5" > /usr/share/ovirt-engine/playbooks/ovirt-host-enroll-certificate.yml [Logfile: > /var/log/ovirt-engine/host-deploy/ovirt-enroll-certs-ansible-20210415202548-10.144.110.99-6b9b252b-e78a-4f46-983c-58b4162c2818.log] > > > > ovirt-enroll-certs-ansible-20210415202548-10.144.110.99-6b9b252b-e78a-4f46-983c-58b4162c2818.log > attached. > > > > On Mon, Apr 19, 2021 at 10:37 PM Yedidyah Bar David <d...@redhat.com> wrote: >> >> On Mon, Apr 19, 2021 at 8:15 PM Bill James <bill.ja...@j2.com> wrote: >> > >> > I get this message from ovirt: >> > Message:Host <hostname> certification is about to expire at 2021-05-12. >> > Please renew the host's certification. >> > >> > I tried putting host in maintenance mode and running "enroll certificate". >> > Didn't help. >> >> Please check/share relevant logs (on the engine machine) - >> /var/log/ovirt-engine/engine.log and >> /var/log/ovirt-engine/host-deploy/* . Thanks. >> >> > >> > How do I renew the certificate? >> >> 'Enroll Certificate' should have worked. In principle you can also try >> 'Reinstall', which is not that much more drastic than 'Enroll >> Certificate' on a working host, but does do a bit more.
I think "Enroll Certificate" does not restart vdsm, but vdsm probably only reads the new cert on startup. So perhaps try to put the host to maintenance and 'systemctl restart vdsmd' (or just reboot). Best regards, -- Didi _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/6H7FIYXVMK34MSRX7KRB4EPVSCZORL6J/